Can the U.S. Prevent Future WikiLeaks Document Releases?

With the release of more than 250,000 diplomatic documents earlier this week, WikiLeaks shifted its attention from the U.S. military to the country's diplomats, spilling classified messages that the government obviously did not care to share with the public. The U.S. stance is that WikiLeaks is taking advantage of vulnerabilities caused by increased intra-governmental agency data sharing mandated in the wake of the 9/11 attacks and that this breach will cause significant damage to national security.

Others see WikiLeaks's mission as an unfocused assault on government secrecy, which may be overused but still serves a purpose. Rather than concentrating on whistleblowing, assessing historical truth or promoting peace, WikiLeaks instead publishes "a vast potpourri of records—dazzling, revelatory, true, questionable, embarrassing, or routine—whose only common feature is that they are classified or otherwise restricted," blogged Steven Aftergood, a senior research analyst at the Federation of American Scientists, on Monday.

Aftergood's Secrecy News blog is technically in the same business as WikiLeaks—publishing official documents of public policy value that are somehow restricted or otherwise hard to find. Aftergood makes the distinction, however, that his blog publishes information not because it is restricted but rather because it has value to the public. The scope of government secrecy in the U.S., not to mention other countries, has exceeded rational boundaries, he acknowledges. Still, he adds, disabling secrecy in the name of transparency would be a sensible goal only "if it were true that all secrecy is wrong."

WikiLeaks has certainly succeeded in rousing the U.S. government. On August 12, 2010, Defense Secretary Robert Gates commissioned two reviews to determine what policy, procedural and technological shortfalls contributed to unauthorized disclosure to the WikiLeaks Web site. The results led to a number of recommendations for tightening access to documents, including "disabling all write capability to removable media on DoD classified computers, as a temporary technical solution to mitigate the future risks of personnel moving classified data to unclassified systems," according to a Defense Department memo. The Defense Department claims that 60 percent of its Secret Internet Protocol Router Network (SIPRNet) is now equipped with a host-based security system (HBSS) that can monitor unusual data access or usage. The department also claims to be accelerating HBSS deployment to the rest of its SIPRNet systems.

Scientific American asked Aftergood for his thoughts on how so much sensitive diplomatic information could be leaked and what the U.S. government might do to prevent future leaks.

[An edited transcript of the interview follows.]

How was someone able to get so many documents? Does this have anything to do with documents on the Department of Defense and the Department of State being from a single SIPRNet server?
This is a subject of continuing investigation. But it appears that all of the documents in question were available via SIPRNet and could be downloaded more or less at will. The Defense Department has made available its technical and policy response up to this point.

How does this latest episode differ from past leaks in pre-Web days, such as the Pentagon Papers back in 1971?
Certainly the technology makes it infinitely easier to capture the documents, to transfer them and to publish them for a worldwide audience.

How much does this latest leak hurt national security?
It's unclear and hard to quantify. But it seems likely that foreign interlocutors will now think twice about communicating information to U.S. diplomats, and U.S. diplomats now think twice about recording such information in written form. That is not good for diplomacy.

Does the government have a legitimate need for secrets? Is there such a thing as too much transparency in the public sector?
Certainly there is such a thing as legitimate secrecy. It extends to the protection of advanced military technologies, military operations, intelligence sources and methods—and diplomacy.

Reports say that the diplomats used "cables." Does this term refer to any electronic communication from overseas, or does it refer to an outdated mode of communication via telegram?
It is an anachronistic term that is nevertheless still used to refer to a diplomatic communication.

On November 28, the White House Office of Management and Budget issued a memo (pdf) calling for each agency that handles classified information to establish a security assessment team to ensure that users do not have broader access than necessary and to limit the use of removable media. What other changes do you foresee? What would you recommend?
A review of security procedures in light of recent events is already underway and may lead to new restrictions on access or distribution of classified records. My hope is that a critical review of the classification system in order to reduce or eliminate unnecessary secrecy will be part of the government's response.